langchain

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content contains an unsafe use of eval() in the calculator tool (allowing arbitrary code execution / RCE if fed untrusted input); otherwise the snippets are benign examples and there is no explicit data exfiltration or credential-stealing code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The LangGraph example defines a @tool called "search" whose docstring is "Search the web" (and the RAG example uses a retriever built from documents/vectorstore as context), which indicates the agent will ingest and interpret external/public documents or web results that are untrusted and could carry indirect prompt injections.